|
|
|
|
|
|
by PascalsMugger
3737 days ago
|
|
|
Does this disclosure requirement apply when the work is contracted to a third party? I have a hard time believing security companies would ever work for the government if doing so required them disclosing the vulnerabilities they use to the manufacturer. If the disclosure is not required of third parties then all such a policy does is incentivizes government agencies to ostensibly farm out such work to compliant security firms. This is how we end up with private firms as extensions of government a la Blackwater. Seems ill advised. |
|
|